vcode-cli 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Vynthen
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,143 @@
+# V Code CLI
+
+> Connect your local machine to [Vynthen](https://vynthen.com) V Code — a powerful AI code agent with full system control, secure keychain auth, and human-in-the-loop permissions.
+
+```
+  ╔═══════════════════════════════════════════════════════╗
+  ║     ██╗   ██╗     ██████╗ ██████╗ ██████╗ ███████╗    ║
+  ║     ██║   ██║    ██╔════╝██╔═══██╗██╔══██╗██╔════╝    ║
+  ║     ██║   ██║    ██║     ██║   ██║██║  ██║█████╗      ║
+  ║     ╚██╗ ██╔╝    ██║     ██║   ██║██║  ██║██╔══╝      ║
+  ║      ╚████╔╝     ╚██████╗╚██████╔╝██████╔╝███████╗    ║
+  ║       ╚═══╝       ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝    ║
+  ║              ┌──────────────────────┐                  ║
+  ║              │    ◉            ◉    │                  ║
+  ║              │         ───         │                  ║
+  ║              └──────────────────────┘                  ║
+  ╚═══════════════════════════════════════════════════════╝
+```
+
+## Install
+
+```bash
+npm install -g vcode-cli
+```
+
+## Quick Start
+
+```bash
+# 1. Login with your Vynthen account
+vcode login
+
+# 2. Navigate to your project
+cd /path/to/your/project
+
+# 3. Start the bridge
+vcode start
+```
+
+Then open [vynthen.com](https://vynthen.com) and use V Code — it will operate on your local machine through the secure bridge.
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `vcode login` | Authenticate with your Vynthen email and password |
+| `vcode start` | Start the V Code bridge and connect to Vynthen |
+| `vcode start --approve-all` | Start with all operations auto-approved |
+| `vcode logout` | Clear stored authentication token |
+| `vcode status` | Show connection status and logged-in user |
+| `vcode --version` | Show version |
+
+## What Can V Code Do?
+
+Once connected, V Code can perform operations on your local machine — **every single operation requires your explicit approval** in the terminal.
+
+### File System
+- 📖 Read files and directories
+- ✏️ Create, edit, and write files
+- 📁 Create and delete directories
+- 🔄 Rename and move files
+
+### Terminal
+- ⚡ Execute any shell command
+- 📦 Run scripts and install packages
+
+### Desktop Control
+- 🖱️ Mouse: move, click, right-click, double-click, drag
+- ⌨️ Keyboard: type text, press key combinations
+- 📸 Screenshot: capture full screen or specific window
+
+### System
+- 📂 Open folders in file manager
+- 🌐 Open URLs in browser
+- 📋 Read and write clipboard
+- 🔍 List and manage running processes
+
+## Permission System
+
+Every operation is color-coded by risk level:
+
+- 🔴 **Red** — Destructive operations (delete, kill process)
+- 🟡 **Yellow** — Read operations (read file, screenshot)
+- 🔵 **Blue** — Write operations (create, edit file)
+- 🟣 **Purple** — Execute operations (run command, open URL)
+
+When V Code requests an operation, you'll see:
+
+```
+  🔵 WRITE  V Code wants to write file
+  Details: /home/user/project/index.js
+
+  Allow this operation? (Y/n/a)
+    y — Yes, approve this operation
+    n — No, deny this operation
+    a — Approve all for this session
+```
+
+## Security
+
+- 🔐 **OS Keychain** — JWT stored in your system's native credential store (libsecret on Linux, Keychain on macOS, Credential Manager on Windows). Never stored in plain text.
+- ⏱️ **8-Hour JWT** — Tokens expire automatically. Run `vcode login` to refresh.
+- 🛑 **Human-in-the-Loop** — Zero automatic operations. Every action needs your explicit `y` approval.
+- 🔒 **Encrypted Transport** — All traffic over WSS (encrypted WebSocket).
+- 📝 **Audit Log** — Every approved and denied operation is logged to `~/.vcode/audit.log`.
+- 🚦 **Rate Limited** — Login is rate-limited to 5 attempts per 15 minutes.
+
+## Audit Log
+
+All operations are logged locally at `~/.vcode/audit.log`:
+
+```
+[2026-04-04T10:30:15.123Z] APPROVED READ_FILE             /home/user/project/src/app.tsx
+[2026-04-04T10:30:18.456Z] APPROVED WRITE_FILE            /home/user/project/src/app.tsx
+[2026-04-04T10:30:22.789Z] DENIED   DELETE_FILE            /home/user/project/.env
+[2026-04-04T10:30:25.012Z] APPROVED EXEC_COMMAND           `npm run build` in /home/user/project
+```
+
+## System Requirements
+
+- **Node.js** ≥ 18.0.0
+- **OS**: Linux, macOS, or Windows
+- For mouse/keyboard control: `@nut-tree/nut-js` (optional, installed separately)
+
+## Troubleshooting
+
+### "Not authenticated" error
+Run `vcode login` to authenticate with your Vynthen account.
+
+### "Token expired" error
+Your JWT has expired (8-hour lifetime). Run `vcode login` again.
+
+### Mouse/keyboard features not working
+Install the optional native module:
+```bash
+npm install -g @nut-tree/nut-js
+```
+
+### Connection issues
+Check your internet connection and ensure `wss://vynthen.com` is accessible. The CLI will auto-reconnect with exponential backoff.
+
+## License
+
+MIT © [Vynthen](https://vynthen.com)

package/bin/vcode.js

@@ -0,0 +1,64 @@
+#!/usr/bin/env node
+
+/**
+ * V Code CLI — Vynthen Local Bridge
+ * Entry point for all CLI commands.
+ */
+
+import { Command } from 'commander';
+import { readFileSync } from 'fs';
+import { fileURLToPath } from 'url';
+import { dirname, join } from 'path';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const pkg = JSON.parse(readFileSync(join(__dirname, '..', 'package.json'), 'utf8'));
+
+const program = new Command();
+
+program
+  .name('vcode')
+  .description('Connect your local machine to Vynthen V Code')
+  .version(pkg.version, '-v, --version');
+
+program
+  .command('login')
+  .description('Authenticate with your Vynthen account')
+  .action(async () => {
+    const { login } = await import('../lib/commands/login.js');
+    await login();
+  });
+
+program
+  .command('start')
+  .description('Start the V Code bridge and connect to Vynthen')
+  .option('--approve-all', 'Auto-approve all operations for this session')
+  .action(async (opts) => {
+    const { start } = await import('../lib/commands/start.js');
+    await start(opts);
+  });
+
+program
+  .command('logout')
+  .description('Clear stored authentication token')
+  .action(async () => {
+    const { logout } = await import('../lib/commands/logout.js');
+    await logout();
+  });
+
+program
+  .command('status')
+  .description('Show connection status and logged-in user')
+  .action(async () => {
+    const { status } = await import('../lib/commands/status.js');
+    await status();
+  });
+
+program.parse(process.argv);
+
+// Show help if no command provided
+if (!process.argv.slice(2).length) {
+  const { showLogo } = await import('../lib/logo.js');
+  await showLogo(false);
+  program.outputHelp();
+}

package/lib/audit.js

@@ -0,0 +1,48 @@
+/**
+ * V Code — Audit Logger.
+ * Logs every approved operation to ~/.vcode/audit.log
+ */
+
+import { appendFileSync, mkdirSync, existsSync, readFileSync } from 'fs';
+import { join } from 'path';
+import { homedir } from 'os';
+
+const VCODE_DIR = join(homedir(), '.vcode');
+const AUDIT_FILE = join(VCODE_DIR, 'audit.log');
+
+function ensureDir() {
+  if (!existsSync(VCODE_DIR)) {
+    mkdirSync(VCODE_DIR, { recursive: true });
+  }
+}
+
+/**
+ * Append an entry to the audit log.
+ * @param {string} action — e.g. 'FILE_READ', 'FILE_WRITE', 'EXEC_COMMAND'
+ * @param {string} detail — human-readable description
+ * @param {'approved'|'denied'} decision
+ */
+export function logAudit(action, detail, decision) {
+  ensureDir();
+  const ts = new Date().toISOString();
+  const line = `[${ts}] ${decision.toUpperCase().padEnd(8)} ${action.padEnd(20)} ${detail}\n`;
+  appendFileSync(AUDIT_FILE, line, 'utf8');
+}
+
+/**
+ * Read audit log contents (last N lines).
+ */
+export function readAuditLog(lines = 50) {
+  ensureDir();
+  if (!existsSync(AUDIT_FILE)) return '(no audit log yet)';
+  const content = readFileSync(AUDIT_FILE, 'utf8');
+  const allLines = content.trim().split('\n');
+  return allLines.slice(-lines).join('\n');
+}
+
+/**
+ * Get the path to the audit log.
+ */
+export function getAuditPath() {
+  return AUDIT_FILE;
+}

package/lib/auth.js

@@ -0,0 +1,43 @@
+/**
+ * V Code — Authentication module.
+ * Handles login against Vynthen API with rate limiting awareness.
+ */
+
+const API_URL = 'https://vynthen.com/api/auth/cli-login';
+
+/**
+ * Authenticate with email and password.
+ * Returns { token, user } on success.
+ * Throws on failure with descriptive message.
+ */
+export async function authenticate(email, password) {
+  const res = await fetch(API_URL, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify({ email, password }),
+  });
+
+  if (res.status === 429) {
+    throw new Error('Rate limited — too many login attempts. Try again in 15 minutes.');
+  }
+
+  if (res.status === 401) {
+    throw new Error('Invalid email or password.');
+  }
+
+  if (!res.ok) {
+    const body = await res.text().catch(() => '');
+    throw new Error(`Authentication failed (${res.status}): ${body || res.statusText}`);
+  }
+
+  const data = await res.json();
+
+  if (!data.token) {
+    throw new Error('Server returned no token. Please try again.');
+  }
+
+  return {
+    token: data.token,
+    user: data.user || { email },
+  };
+}

package/lib/bridge.js

@@ -0,0 +1,245 @@
+/**
+ * V Code — WebSocket Bridge.
+ * Connects to Vynthen V Code backend over encrypted WSS.
+ * Receives operation requests, dispatches them locally, sends results back.
+ */
+
+import WebSocket from 'ws';
+import chalk from 'chalk';
+import ora from 'ora';
+import { dispatch } from './dispatcher.js';
+import { getToken, isTokenExpired } from './keychain.js';
+
+const WS_URL = 'wss://vynthen.com/api/vcode-ws';
+const RECONNECT_DELAYS = [1000, 2000, 4000, 8000, 15000, 30000]; // exponential backoff
+
+export class Bridge {
+  constructor({ onStatusChange, onOperation, onError }) {
+    this.ws = null;
+    this.token = null;
+    this.connected = false;
+    this.reconnectAttempt = 0;
+    this.intentionalClose = false;
+    this.spinner = null;
+    this.onStatusChange = onStatusChange || (() => {});
+    this.onOperation = onOperation || (() => {});
+    this.onError = onError || (() => {});
+    this.operationCount = 0;
+    this.startTime = null;
+  }
+
+  /**
+   * Start the bridge connection.
+   */
+  async connect() {
+    this.token = await getToken();
+
+    if (!this.token) {
+      throw new Error('Not authenticated. Run `vcode login` first.');
+    }
+
+    if (isTokenExpired(this.token)) {
+      throw new Error('Token expired. Run `vcode login` to re-authenticate.');
+    }
+
+    this.startTime = Date.now();
+    this.intentionalClose = false;
+    this._connect();
+  }
+
+  /**
+   * Internal connect with reconnection logic.
+   */
+  _connect() {
+    if (this.intentionalClose) return;
+
+    this.spinner = ora({
+      text: chalk.gray('Connecting to Vynthen V Code...'),
+      spinner: 'dots12',
+      color: 'magenta',
+    }).start();
+
+    this.ws = new WebSocket(WS_URL, {
+      headers: {
+        Authorization: `Bearer ${this.token}`,
+      },
+    });
+
+    this.ws.on('open', () => {
+      this.connected = true;
+      this.reconnectAttempt = 0;
+
+      if (this.spinner) this.spinner.succeed(chalk.green('Connected to Vynthen V Code'));
+
+      this.onStatusChange('connected');
+
+      // Send system info
+      import('os').then(os => {
+        this.send({
+          type: 'CLIENT_INFO',
+          data: {
+            platform: process.platform,
+            arch: process.arch,
+            nodeVersion: process.version,
+            cwd: process.cwd(),
+            hostname: os.hostname(),
+            username: os.userInfo().username,
+            homedir: os.homedir(),
+          },
+        });
+      });
+
+      console.log(chalk.gray('  Waiting for operations from Vynthen...\n'));
+    });
+
+    this.ws.on('message', async (raw) => {
+      try {
+        const message = JSON.parse(raw.toString());
+        await this._handleMessage(message);
+      } catch (err) {
+        console.error(chalk.red(`  ✗ Failed to parse message: ${err.message}`));
+      }
+    });
+
+    this.ws.on('close', (code, reason) => {
+      this.connected = false;
+
+      if (this.intentionalClose) {
+        console.log(chalk.gray('\n  Bridge disconnected.'));
+        this.onStatusChange('disconnected');
+        return;
+      }
+
+      const reasonStr = reason?.toString() || '';
+
+      if (code === 4001) {
+        console.log(chalk.red('\n  ✗ Authentication failed. Run `vcode login` again.'));
+        this.onStatusChange('auth_failed');
+        return;
+      }
+
+      if (code === 4002) {
+        console.log(chalk.red('\n  ✗ Token expired. Run `vcode login` to re-authenticate.'));
+        this.onStatusChange('token_expired');
+        return;
+      }
+
+      this.onStatusChange('reconnecting');
+      this._reconnect();
+    });
+
+    this.ws.on('error', (err) => {
+      if (this.spinner) this.spinner.fail(chalk.red(`Connection error: ${err.message}`));
+      this.onError(err);
+    });
+  }
+
+  /**
+   * Reconnect with exponential backoff.
+   */
+  _reconnect() {
+    if (this.intentionalClose) return;
+
+    const delay = RECONNECT_DELAYS[Math.min(this.reconnectAttempt, RECONNECT_DELAYS.length - 1)];
+    this.reconnectAttempt++;
+
+    console.log(chalk.yellow(`  ↻ Reconnecting in ${delay / 1000}s (attempt ${this.reconnectAttempt})...`));
+
+    setTimeout(() => {
+      if (!this.intentionalClose) {
+        this._connect();
+      }
+    }, delay);
+  }
+
+  /**
+   * Handle incoming message from server.
+   */
+  async _handleMessage(message) {
+    const { type, id, data } = message;
+
+    switch (type) {
+      case 'OPERATION': {
+        this.operationCount++;
+        const opType = data?.operation;
+        const params = data?.params || {};
+
+        const ts = new Date().toLocaleTimeString();
+        console.log(chalk.gray(`  [${ts}] `) + chalk.cyan(`Operation #${this.operationCount}: `) + chalk.white(opType));
+
+        this.onOperation(opType, params);
+
+        try {
+          const result = await dispatch(opType, params);
+
+          this.send({
+            type: 'OPERATION_RESULT',
+            id,
+            data: result,
+          });
+
+          if (result.success) {
+            console.log(chalk.green(`  ✓ ${opType} completed successfully\n`));
+          } else {
+            console.log(chalk.red(`  ✗ ${opType} failed: ${result.error}\n`));
+          }
+        } catch (err) {
+          this.send({
+            type: 'OPERATION_RESULT',
+            id,
+            data: { success: false, error: err.message },
+          });
+          console.log(chalk.red(`  ✗ ${opType} threw error: ${err.message}\n`));
+        }
+        break;
+      }
+
+      case 'PING':
+        this.send({ type: 'PONG' });
+        break;
+
+      case 'SERVER_MESSAGE':
+        console.log(chalk.hex('#a855f7')(`  ⓘ Server: ${data?.message || ''}`));
+        break;
+
+      default:
+        // Unknown message type — ignore
+        break;
+    }
+  }
+
+  /**
+   * Send a message to the server.
+   */
+  send(message) {
+    if (this.ws && this.ws.readyState === WebSocket.OPEN) {
+      this.ws.send(JSON.stringify(message));
+    }
+  }
+
+  /**
+   * Gracefully disconnect.
+   */
+  disconnect() {
+    this.intentionalClose = true;
+    if (this.ws) {
+      this.ws.close(1000, 'Client disconnecting');
+      this.ws = null;
+    }
+    this.connected = false;
+  }
+
+  /**
+   * Get uptime in human-readable format.
+   */
+  getUptime() {
+    if (!this.startTime) return '0s';
+    const diff = Date.now() - this.startTime;
+    const hours = Math.floor(diff / 3600000);
+    const mins = Math.floor((diff % 3600000) / 60000);
+    const secs = Math.floor((diff % 60000) / 1000);
+    if (hours > 0) return `${hours}h ${mins}m`;
+    if (mins > 0) return `${mins}m ${secs}s`;
+    return `${secs}s`;
+  }
+}

package/lib/commands/login.js

@@ -0,0 +1,92 @@
+/**
+ * V Code — Login Command.
+ * Prompts for Vynthen credentials and stores JWT in OS keychain.
+ */
+
+import chalk from 'chalk';
+import inquirer from 'inquirer';
+import ora from 'ora';
+import { authenticate } from '../auth.js';
+import { storeToken, storeUser, getToken, isTokenExpired } from '../keychain.js';
+import { showLogo } from '../logo.js';
+
+export async function login() {
+  await showLogo();
+
+  // Check if already logged in with valid token
+  const existing = await getToken();
+  if (existing && !isTokenExpired(existing)) {
+    console.log(chalk.green('  ✓ You are already logged in with a valid token.\n'));
+    const { relogin } = await inquirer.prompt([
+      {
+        type: 'confirm',
+        name: 'relogin',
+        message: 'Do you want to login again?',
+        default: false,
+      },
+    ]);
+    if (!relogin) {
+      console.log(chalk.gray('  Keeping existing session.\n'));
+      return;
+    }
+  }
+
+  console.log(chalk.hex('#a855f7')('  Log in with your Vynthen account\n'));
+
+  const answers = await inquirer.prompt([
+    {
+      type: 'input',
+      name: 'email',
+      message: 'Email:',
+      validate: (val) => {
+        if (!val || !val.includes('@')) return 'Please enter a valid email address.';
+        return true;
+      },
+    },
+    {
+      type: 'password',
+      name: 'password',
+      message: 'Password:',
+      mask: '●',
+      validate: (val) => {
+        if (!val || val.length < 1) return 'Password cannot be empty.';
+        return true;
+      },
+    },
+  ]);
+
+  const spinner = ora({
+    text: chalk.gray('Authenticating...'),
+    spinner: 'dots12',
+    color: 'magenta',
+  }).start();
+
+  try {
+    const { token, user } = await authenticate(answers.email, answers.password);
+
+    await storeToken(token);
+    await storeUser(answers.email);
+
+    spinner.succeed(chalk.green('Authenticated successfully!'));
+
+    console.log('');
+    console.log(chalk.white('  Account: ') + chalk.cyan(answers.email));
+    console.log(chalk.white('  Token:   ') + chalk.gray('Stored securely in OS keychain'));
+    console.log(chalk.white('  Expires: ') + chalk.gray('8 hours from now'));
+    console.log('');
+    console.log(chalk.hex('#a855f7')('  Run ') + chalk.white.bold('vcode start') + chalk.hex('#a855f7')(' to connect to Vynthen V Code.\n'));
+  } catch (err) {
+    spinner.fail(chalk.red('Authentication failed'));
+    console.log('');
+
+    if (err.message.includes('Rate limited')) {
+      console.log(chalk.red('  ⚠ Too many login attempts. Please wait 15 minutes.\n'));
+    } else if (err.message.includes('Invalid email')) {
+      console.log(chalk.red('  ✗ Invalid email or password. Please try again.\n'));
+    } else {
+      console.log(chalk.red(`  ✗ ${err.message}\n`));
+    }
+
+    process.exit(1);
+  }
+}

package/lib/commands/logout.js

@@ -0,0 +1,34 @@
+/**
+ * V Code — Logout Command.
+ * Clears stored JWT token and user info from OS keychain.
+ */
+
+import chalk from 'chalk';
+import ora from 'ora';
+import { deleteToken, deleteUser, getToken } from '../keychain.js';
+
+export async function logout() {
+  const existing = await getToken();
+
+  if (!existing) {
+    console.log(chalk.yellow('\n  ⚠ No active session found. You are already logged out.\n'));
+    return;
+  }
+
+  const spinner = ora({
+    text: chalk.gray('Clearing credentials from keychain...'),
+    spinner: 'dots12',
+    color: 'magenta',
+  }).start();
+
+  try {
+    await deleteToken();
+    await deleteUser();
+    spinner.succeed(chalk.green('Logged out successfully'));
+    console.log(chalk.gray('  Token and credentials removed from OS keychain.\n'));
+  } catch (err) {
+    spinner.fail(chalk.red('Failed to clear credentials'));
+    console.log(chalk.red(`  ✗ ${err.message}\n`));
+    process.exit(1);
+  }
+}